PT-2025-54284

Name of the Vulnerable Software and Affected Versions Wolfgang Häfelinger Custom Style versions through 1.0 Description A Cross-Site Request Forgery CSRF issue exists in Wolfgang Häfelinger Custom Style, which also allows for Stored Cross-Site Scripting XSS. This allows an attacker to potentially...

EUVD-2023-36839

Malicious code in bioql PyPI...

EUVD-2025-8466

Malicious code in bioql PyPI...

Decidim-Awesome has SQL injection in AdminAccountability

Vulnerability type: CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Vendor: Decidim International Community Environment Has vendor confirmed: Yes Attack type: Remote Impact: Code Execution Escalation of Privileges Information Disclosure Affected component:...

Decidim-Awesome has SQL injection in AdminAccountability

Vulnerability type: CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Vendor: Decidim International Community Environment Has vendor confirmed: Yes Attack type: Remote Impact: Code Execution Escalation of Privileges Information Disclosure Affected component:...

wolfgang-sell.de Improper Access Control vulnerability OBB-3777729

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2023-32596

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wolfgang Ertl weebotLite plugin = 1.0.0 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wolfgang Ertl weebotLite plugin = 1.0.0 versions...

CVE-2023-32596

Technical details beyond the description are not provided in the supplied documents. No affected versions, root cause, or patch information are included here. Monitor for updates from official sources to confirm remediation.

wolfgang-schreiber-duelmen.de Cross Site Scripting vulnerability OBB-3050020

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Joomla SexyPolling 2.1.7 SQL Injection

Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...

Joomla Plugin SexyPolling 2.1.7 - SQLi

Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...

Joomla Sexy Polling 2.1.7 SQL Injection

SexyPolling SQL Injection ==================== | Identifier: | AIT-SA-20220208-01| | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner...

Joomla Sexy Polling 2.1.7 SQL Injection Vulnerability

SexyPolling SQL Injection ==================== | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...

QCubed 3.1.1 Cross Site Scripting

QCube Cross-Site-Scripting ====================== | Identifier: | AIT-SA-20210215-03 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24912 | | Accessibility: | Remote | | Severity: | High | | Author: | Wolfgang Hotwagner AIT...

QCubed 3.1.1 PHP Object Injection

QCubed PHP Object Injection =========================== | Identifier: | AIT-SA-20210215-01 | | Target: | QCubed Framework | | Vendor: | QCubed | | Version: | all versions including 3.1.1 | | CVE: | CVE-2020-24914 | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagne...

georg-wolfgang-knorr.com Cross Site Scripting vulnerability OBB-1503515

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Body Found in Canada Identified as Neo-Nazi Spam King

The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports. Homicide detectives said they...

wolfgangpuck.com Improper Access Control vulnerability OBB-1450144

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

wolfgang-reith.de Cross Site Scripting vulnerability OBB-1332964

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...